Lazarus Campaign and LoopX Scam Show That Cryptocurrency Industry Still Fraught With Dangers

The past weeks have seen a slew of reports on cryptocurrency-related hacks and scams. Two more incidents made the news recently: one concerning a new campaign from the threat actor known as the Lazarus Group, and the other involving a scam by one of the many new cryptocurrency startups.

As with yesterday’s news, the issues with these two separate incidents are but a part of the many dangers that still plague the Wild West known as the cryptocurrency industry. While the technology of cryptocurrencies, and most of its implementation, is useful, the lack of regulation and the current hype attached to the industry often lead to cybercriminals and scammers taking advantage of people who want to get in on the fad.

The campaign was discovered when security researchers found a phishing email, disguised as an email sent by a recruiter, with an embedded Dropbox link. The link contains a document with a job description for a bank executive who will be based in Hong Kong. The document then leads to a Visual Basic macro implant which scans the affected system for signs of Bitcoin activity. It then drops a second implant that is designed for long-term data gathering and persistence.

According to the report, the tactics and techniques used in the campaign are similar to some of Lazarus’ previous attacks. However, the use of the dropped implants is a new activity and shows that the group’s tools for its malicious operations are constantly evolving.

There is still no information as of now regarding the scope of the new campaign or the exact regions where it is occurring. But given how widespread the group’s previous attacks were, in addition to the group’s access to a wide variety of tools and resources, it’s reasonable to believe that the group is not limited by geographic factors.

LoopX Apparently Scams Its Investors of US$4.5 Million

With the large number of groups wanting to cash in on the cryptocurrency fad, it might be difficult to keep up with all the new coins launching in the market. LoopX, a cryptocurrency startup that managed to raise US$4.5 million in a series of initial coin offerings (ICOs) and had a legitimate online presence complete with website and social media accounts, seemingly disappeared from the face of the Earth, taking with it the money of its investors.

LoopX’s website and other accounts across various social media platforms have already been taken down. However, an existing thread in bitcointalk.org details many of the cryptocurrency’s “features,” which include a “revolutionary” trading platform and a supposedly advanced trading algorithm.

Lessons to be Learned

The two incidents mentioned in this entry are just a few examples of the many kinds of attacks and scams involving cryptocurrencies that users can realistically encounter. Over the past few months, cybercriminals have used cryptocurrencies or things related to cryptocurrencies in a wide variety of malicious activities, including the following:

The truth is that the number of attack methods is almost as varied as the number of cryptocurrencies themselves. Users have to understand more than ever that the industry is still nascent and therefore fraught with threats at this point. Awareness and caution are some of the best weapons to combat the rising number of threats.

Users can also apply security best practices that apply to the specific incidents mentioned in this article. For the Lazarus campaign, for example, users and organizations should always follow techniques in identifying and dealing with phishing attacks. This is especially important when it comes to campaigns by groups such as Lazarus, which possesses both the experience and expertise to trick even the most discerning users.

When it comes to cryptocurrency security, being an informed and smart user and consumer or investor is important. Although some offerings might sound like a great opportunity to get in “before the rush,” fear of missing out also exposes people to the risk of malicious attacks or scams. There is nothing wrong per se with investing in new cryptocurrencies. However, exercise due diligence and consider every aspect of the project with a keen mind and ten grains of salt.

2017 MIDYEAR SECURITY ROUNDUP

2018 SECURITY PREDICTIONS

Today's increasingly interconnected environments pave the way for threats that will bank on systems' weaknesses for different forms of cybercrime. How can you prepare for the year ahead?View the 2018 Security Predictions